A user of services provided via telecommunication networks often needs to have simultaneous access to a plurality of service providers. It is also essential that the connections set up are secure and are unable to use for other subscribers than the user in question.
A mechanism known as MAC-Forced Forwarding MFF ensures secure connections. The mechanism ensures that all end-users connected to a specific Service VLAN inside an Ethernet Aggregation Network are allowed access only to a default gateway and not directly to each other or to other edge nodes attached to the service VLAN. The MFF mechanism also permits an access node, to which the end-users are connected, to dynamically learn the address of the mentioned default gateway to allow access to for each end-user IP host. This is done by the access node snooping a DHCP reply to the end-user IP host after a DHCP request for an IP address from the end-user. The MFF mechanism was designed with single-edge access per IP host in mind, i.e. for access to one default gateway. The MFF mechanism is more closely described in T. Melsen, S. Blake: “MAC-Forced Forwarding: A Method for Traffic Separation on an Ethernet Access Network”, available on the web at draft-melsen-mac-forced-fwd-03.
Support for a general multi-edge access, i.e. simultaneous access to the plurality of service providers, requires the end-user IP host to be able to access a multiple number of edge nodes simultaneously. This enables so called true triple-play scenarios, in which a single end-user IP host can access e.g. high-speed Internet service, Voice over IP service and IPTV service simultaneously, delivered by separate edge nodes. This is made possible by provisioning the edge nodes IP addresses statically in the access node. An operator of the network writes the addresses manually in the access node. The method is simple and secure but is relatively cumbersome.